We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2023-35134

Weintek Weincloud Weak Password Recovery Mechanism for Forgotten Password



Assignericscert
Reserved2023-07-13
Published2023-07-19
Updated2024-10-28

Description

Weintek Weincloud v0.13.6 could allow an attacker to reset a password with the corresponding account’s JWT token only.



HIGH: 7.4CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Product status

Default status
unaffected

Any version
affected

Credits

​Hank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA. finder

References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-04

cve.org CVE-2023-35134

nvd.nist.gov CVE-2023-35134

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2023-35134
Subscribe to our newsletter to learn more about our work.